CRITICAL🇬🇧 English

CVE-2023-0755

CVSS 9.8v3.1pub. 2023-02-23upd. 2024-11-21

The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Ge Digital Industrial Gateway Server

    APP
    Ge
    ≤ 7.612
  • Ptc Kepware Server

    APP
    Ptc
    ≤ 6.12
  • Ptc Kepware Serverex

    APP
    Ptc
    ≤ 6.12
  • Ptc Thingworx Edge C Sdk

    APP
    Ptc
    ≤ 2.2.12.1052
  • Ptc Thingworx Edge Microserver

    APP
    Ptc
    ≤ 5.4.10.0
  • Ptc Thingworx Industrial Connectivity

    APP
    Ptc
    wszystkie wersje
  • Ptc Thingworx Kepware Edge

    APP
    Ptc
    ≤ 1.5
  • Ptc Thingworx .net Sdk

    APP
    Ptc
    ≤ 5.8.4.971
  • Rockwellautomation Kepserver Enterprise

    APP
    Rockwellautomation
    ≤ 6.12
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2023-5908CRITICAL9.1PL ✓ten sam produkt

Buffer overflow w KEPServerEX umożliwiający crash lub wyciek danych

CVE-2022-2848CRITICAL9.1ten sam produkt

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...

CVE-2022-2825CRITICAL9.8ten sam produkt

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...

CVE-2023-0754CRITICAL9.8ten sam produkt

The affected products are vulnerable to an integer overflow or wraparound, which could  allow an attacker to ...

CVE-2020-27267CRITICAL9.1ten sam produkt

KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versi...